Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The groestlcoin team would like to take this opportunity to wish everyone our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything. The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years. In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value– Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.
UPDATED - Groestlcoin Core 2.18.2
This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables. NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.
Builds are now done through Gitian
Calls to getblocktemplate will fail if the segwit rule is not specified. Calling getblocktemplate without segwit specified is almost certainly a misconfiguration since doing so results in lower rewards for the miner. Failed calls will produce an error message describing how to enable the segwit rule.
A warning is printed if an unrecognized section name is used in the configuration file. Recognized sections are [test], [main], and [regtest].
Four new options are available for configuring the maximum number of messages that ZMQ will queue in memory (the "high water mark") before dropping additional messages. The default value is 1,000, the same as was used for previous releases.
The rpcallowip option can no longer be used to automatically listen on all network interfaces. Instead, the rpcbind parameter must be used to specify the IP addresses to listen on. Listening for RPC commands over a public network connection is insecure and should be disabled, so a warning is now printed if a user selects such a configuration. If you need to expose RPC in order to use a tool like Docker, ensure you only bind RPC to your localhost, e.g. docker run [...] -p 127.0.0.1:1441:1441 (this is an extra :1441 over the normal Docker port specification).
The rpcpassword option now causes a startup error if the password set in the configuration file contains a hash character (#), as it's ambiguous whether the hash character is meant for the password or as a comment.
The whitelistforcerelay option is used to relay transactions from whitelisted peers even when not accepted to the mempool. This option now defaults to being off, so that changes in policy and disconnect/ban behavior will not cause a node that is whitelisting another to be dropped by peers.
A new short about the JSON-RPC interface describes cases where the results of anRPC might contain inconsistencies between data sourced from differentsubsystems, such as wallet state and mempool state.
A new document introduces Groestlcoin Core's BIP174 interface, which is used to allow multiple programs to collaboratively work to create, sign, and broadcast new transactions. This is useful for offline (cold storage) wallets, multisig wallets, coinjoin implementations, and many other cases where two or more programs need to interact to generate a complete transaction.
The output script descriptor (https://github.com/groestlcoin/groestlcoin/blob/mastedoc/descriptors.md) documentation has been updated with information about new features in this still-developing language for describing the output scripts that a wallet or other program wants to receive notifications for, such as which addresses it wants to know received payments. The language is currently used in multiple new and updated RPCs described in these release notes and is expected to be adapted to other RPCs and to the underlying wallet structure.
A new --disable-bip70 option may be passed to ./configure to prevent Groestlcoin-Qt from being built with support for the BIP70 payment protocol or from linking libssl. As the payment protocol has exposed Groestlcoin Core to libssl vulnerabilities in the past, builders who don't need BIP70 support are encouraged to use this option to reduce their exposure to future vulnerabilities.
The minimum required version of Qt (when building the GUI) has been increased from 5.2 to 5.5.1 (the depends system provides 5.9.7)
getnodeaddresses returns peer addresses known to this node. It may be used to find nodes to connect to without using a DNS seeder.
listwalletdir returns a list of wallets in the wallet directory (either the default wallet directory or the directory configured bythe -walletdir parameter).
getrpcinfo returns runtime details of the RPC server. Currently, it returns an array of the currently active commands and how long they've been running.
deriveaddresses returns one or more addresses corresponding to an output descriptor.
getdescriptorinfo accepts a descriptor and returns information aboutit, including its computed checksum.
joinpsbts merges multiple distinct PSBTs into a single PSBT. The multiple PSBTs must have different inputs. The resulting PSBT will contain every input and output from all the PSBTs. Any signatures provided in any of the PSBTs will be dropped.
analyzepsbt examines a PSBT and provides information about what the PSBT contains and the next steps that need to be taken in order to complete the transaction. For each input of a PSBT, analyze psbt provides information about what information is missing for that input, including whether a UTXO needs to be provided, what pubkeys still need to be provided, which scripts need to be provided, and what signatures are still needed. Every input will also list which role is needed to complete that input, and analyzepsbt will also list the next role in general needed to complete the PSBT. analyzepsbt will also provide the estimated fee rate and estimated virtual size of the completed transaction if it has enough information to do so.
utxoupdatepsbt searches the set of Unspent Transaction Outputs (UTXOs) to find the outputs being spent by the partial transaction. PSBTs need to have the UTXOs being spent to be provided because the signing algorithm requires information from the UTXO being spent. For segwit inputs, only the UTXO itself is necessary. For non-segwit outputs, the entire previous transaction is needed so that signers can be sure that they are signing the correct thing. Unfortunately, because the UTXO set only contains UTXOs and not full transactions, utxoupdatepsbt will only add the UTXO for segwit inputs.
getpeerinfo now returns an additional minfeefilter field set to the peer's BIP133 fee filter. You can use this to detect that you have peers that are willing to accept transactions below the default minimum relay fee.
The mempool RPCs, such as getrawmempool with verbose=true, now return an additional "bip125-replaceable" value indicating whether thetransaction (or its unconfirmed ancestors) opts-in to asking nodes and miners to replace it with a higher-feerate transaction spending any of the same inputs.
settxfee previously silently ignored attempts to set the fee below the allowed minimums. It now prints a warning. The special value of"0" may still be used to request the minimum value.
getaddressinfo now provides an ischange field indicating whether the wallet used the address in a change output.
importmulti has been updated to support P2WSH, P2WPKH, P2SH-P2WPKH, and P2SH-P2WSH. Requests for P2WSH and P2SH-P2WSH accept an additional witnessscript parameter.
importmulti now returns an additional warnings field for each request with an array of strings explaining when fields are being ignored or are inconsistent, if there are any.
getaddressinfo now returns an additional solvable Boolean field when Groestlcoin Core knows enough about the address's scriptPubKey, optional redeemScript, and optional witnessScript for the wallet to be able to generate an unsigned input spending funds sent to that address.
The getaddressinfo, listunspent, and scantxoutset RPCs now return an additional desc field that contains an output descriptor containing all key paths and signing information for the address (except for the private key). The desc field is only returned for getaddressinfo and listunspent when the address is solvable.
importprivkey will preserve previously-set labels for addresses or public keys corresponding to the private key being imported. For example, if you imported a watch-only address with the label "coldwallet" in earlier releases of Groestlcoin Core, subsequently importing the private key would default to resetting the address's label to the default empty-string label (""). In this release, the previous label of "cold wallet" will be retained. If you optionally specify any label besides the default when calling importprivkey, the new label will be applied to the address.
getmininginfo now omits currentblockweight and currentblocktx when a block was never assembled via RPC on this node.
The getrawtransaction RPC & REST endpoints no longer check the unspent UTXO set for a transaction. The remaining behaviors are as follows:
If a blockhash is provided, check the corresponding block.
If no blockhash is provided, check the mempool.
If no blockhash is provided but txindex is enabled, also check txindex.
unloadwallet is now synchronous, meaning it will not return until the wallet is fully unloaded.
importmulti now supports importing of addresses from descriptors. A desc parameter can be provided instead of the "scriptPubKey" in are quest, as well as an optional range for ranged descriptors to specify the start and end of the range to import. Descriptors with key origin information imported through importmulti will have their key origin information stored in the wallet for use with creating PSBTs.
listunspent has been modified so that it also returns witnessScript, the witness script in the case of a P2WSH orP2SH-P2WSH output.
createwallet now has an optional blank argument that can be used to create a blank wallet. Blank wallets do not have any keys or HDseed. They cannot be opened in software older than 2.18.2. Once a blank wallet has a HD seed set (by using sethdseed) or private keys, scripts, addresses, and other watch only things have been imported, the wallet is no longer blank and can be opened in 2.17.2. Encrypting a blank wallet will also set a HD seed for it.
signrawtransaction is removed after being deprecated and hidden behind a special configuration option in version 2.17.2.
The 'account' API is removed after being deprecated in v2.17.2 The 'label' API was introduced in v2.17.2 as a replacement for accounts. See the release notes from v2.17.2 for a full description of the changes from the 'account' API to the 'label' API.
addwitnessaddress is removed after being deprecated in version 2.16.0.
generate is deprecated and will be fully removed in a subsequent major version. This RPC is only used for testing, but its implementation reached across multiple subsystems (wallet and mining), so it is being deprecated to simplify the wallet-node interface. Projects that are using generate for testing purposes should transition to using the generatetoaddress RPC, which does not require or use the wallet component. Calling generatetoaddress with an address returned by the getnewaddress RPC gives the same functionality as the old generate RPC. To continue using generate in this version, restart groestlcoind with the -deprecatedrpc=generate configuration option.
Be reminded that parts of the validateaddress command have been deprecated and moved to getaddressinfo. The following deprecated fields have moved to getaddressinfo: ismine, iswatchonly,script, hex, pubkeys, sigsrequired, pubkey, embedded,iscompressed, label, timestamp, hdkeypath, hdmasterkeyid.
The addresses field has been removed from the validateaddressand getaddressinfo RPC methods. This field was confusing since it referred to public keys using their P2PKH address. Clients should use the embedded.address field for P2SH or P2WSH wrapped addresses, and pubkeys for inspecting multisig participants.
A new /rest/blockhashbyheight/ endpoint is added for fetching the hash of the block in the current best blockchain based on its height (how many blocks it is after the Genesis Block).
A new Window menu is added alongside the existing File, Settings, and Help menus. Several items from the other menus that opened new windows have been moved to this new Window menu.
In the Send tab, the checkbox for "pay only the required fee" has been removed. Instead, the user can simply decrease the value in the Custom Fee rate field all the way down to the node's configured minimumrelay fee.
In the Overview tab, the watch-only balance will be the only balance shown if the wallet was created using the createwallet RPC and thedisable_private_keys parameter was set to true.
The launch-on-startup option is no longer available on macOS if compiled with macosx min version greater than 10.11 (useCXXFLAGS="-mmacosx-version-min=10.11" CFLAGS="-mmacosx-version-min=10.11" for setting the deployment sdkversion)
A new groestlcoin-wallet tool is now distributed alongside Groestlcoin Core's other executables. Without needing to use any RPCs, this tool can currently create a new wallet file or display some basic information about an existing wallet, such as whether the wallet is encrypted, whether it uses an HD seed, how many transactions it contains, and how many address book entries it has.
Since version 2.16.0, Groestlcoin Core's built-in wallet has defaulted to generating P2SH-wrapped segwit addresses when users want to receive payments. These addresses are backwards compatible with all widely used software. Starting with Groestlcoin Core 2.20.1 (expected about a year after 2.18.2), Groestlcoin Core will default to native segwitaddresses (bech32) that provide additional fee savings and other benefits. Currently, many wallets and services already support sending to bech32 addresses, and if the Groestlcoin Core project sees enough additional adoption, it will instead default to bech32 receiving addresses in Groestlcoin Core 2.19.1. P2SH-wrapped segwit addresses will continue to be provided if the user requests them in the GUI or by RPC, and anyone who doesn't want the update will be able to configure their default address type. (Similarly, pioneering users who want to change their default now may set the addresstype=bech32 configuration option in any Groestlcoin Core release from 2.16.0 up.)
BIP 61 reject messages are now deprecated. Reject messages have no use case on the P2P network and are only logged for debugging by most network nodes. Furthermore, they increase bandwidth and can be harmful for privacy and security. It has been possible to disable BIP 61 messages since v2.17.2 with the -enablebip61=0 option. BIP 61 messages will be disabled by default in a future version, before being removed entirely.
The submitblock RPC previously returned the reason a rejected block was invalid the first time it processed that block but returned a generic "duplicate" rejection message on subsequent occasions it processed the same block. It now always returns the fundamental reason for rejecting an invalid block and only returns "duplicate" for valid blocks it has already accepted.
A new submitheader RPC allows submitting block headers independently from their block. This is likely only useful for testing.
The signrawtransactionwithkey and signrawtransactionwithwallet RPCs have been modified so that they also optionally accept a witnessScript, the witness script in the case of a P2WSH orP2SH-P2WSH output. This is compatible with the change to listunspent.
For the walletprocesspsbt and walletcreatefundedpsbt RPCs, if thebip32derivs parameter is set to true but the key metadata for a public key has not been updated yet, then that key will have a derivation path as if it were just an independent key (i.e. no derivation path and its master fingerprint is itself).
The -usehd configuration option was removed in version 2.16.0 From that version onwards, all new wallets created are hierarchical deterministic wallets. This release makes specifying -usehd an invalid configuration option.
This release allows peers that your node automatically disconnected for misbehaviour (e.g. sending invalid data) to reconnect to your node if you have unused incoming connection slots. If your slots fill up, a misbehaving node will be disconnected to make room for nodes without a history of problems (unless the misbehaving node helps your node in some other way, such as by connecting to a part of the Internet from which you don't have many other peers). Previously, Groestlcoin Core banned the IP addresses of misbehaving peers for a period (default of 1 day); this was easily circumvented by attackers with multiple IP addresses. If you manually ban a peer, such as by using the setban RPC, all connections from that peer will still be rejected.
The key metadata will need to be upgraded the first time that the HDseed is available. For unencrypted wallets this will occur on wallet loading. For encrypted wallets this will occur the first time the wallet is unlocked.
Newly encrypted wallets will no longer require restarting the software. Instead such wallets will be completely unloaded and reloaded to achieve the same effect.
A sub-project of Bitcoin Core now provides Hardware Wallet Interaction (HWI) scripts that allow command-line users to use several popular hardware key management devices with Groestlcoin Core. See their project page for details.
This release changes the Random Number Generator (RNG) used from OpenSSL to Groestlcoin Core's own implementation, although entropy gathered by Groestlcoin Core is fed out to OpenSSL and then read back in when the program needs strong randomness. This moves Groestlcoin Core a little closer to no longer needing to depend on OpenSSL, a dependency that has caused security issues in the past. The new implementation gathers entropy from multiple sources, including from hardware supporting the rdseed CPU instruction.
On macOS, Groestlcoin Core now opts out of application CPU throttling ("app nap") during initial blockchain download, when catching up from over 100 blocks behind the current chain tip, or when reindexing chain data. This helps prevent these operations from taking an excessively long time because the operating system is attempting to conserve power.
How to Upgrade?
Windows If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer. OSX If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications. Ubuntu http://groestlcoin.org/forum/index.php?topic=441.0
ALL NEW - Groestlcoin Moonshine iOS/Android Wallet
Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network. GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.
Groestlcoin Mainnet & Testnet supported
Multiple wallet support
Electrum - Support for both random and custom peers
Biometric + Pin authentication
Custom fee selection
Import mnemonic phrases via manual entry or scanning
BIP39 Passphrase functionality
Support for Segwit-compatible & legacy addresses in settings
Support individual private key sweeping
UTXO blacklisting - Accessible via the Transaction Detail view, this allows users to blacklist any utxo that they do not wish to include in their list of available utxo's when sending transactions. Blacklisting a utxo excludes its amount from the wallet's total balance.
Ability to Sign & Verify Messages
Support BitID for password-free authentication
Coin Control - This can be accessed from the Send Transaction view and basically allows users to select from a list of available UTXO's to include in their transaction.
HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled. HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user. Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.
Simplified payment verification for fast mobile performance
Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases. This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats. To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.
If a word is wrong, the tool will try to suggest the closest option.
If a word is missing or unknown, please type "?" instead and the tool will find all relevant options.
NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator. VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline. If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address. VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase. VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).
Fixed size arithmetic
Fast Modular Inversion (Delayed Right Shift 62 bits)
SecpK1 Fast modular multiplication (2 steps folding 512bits to 256bits using 64 bits digits)
Use some properties of elliptic curve to generate more keys
SSE Secure Hash Algorithm SHA256 and RIPEMD160 (CPU)
Groestlcoin EasyVanity 2020 is a windows app built from the ground-up and makes it easier than ever before to create your very own bespoke bech32 address(es) when whilst not connected to the internet. If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).
Ability to continue finding keys after first one is found
Includes warning on start-up if connected to the internet
Ability to output keys to a text file (And shows button to open that directory)
Show and hide the private key with a simple toggle switch
Show full output of commands
Ability to choose between Processor (CPU) and Graphics Card (GPU) ( NVidia ONLY! )
Features both a Light and Dark Material Design-Style Themes
Free software - MIT. Anyone can audit the code.
Written in C# - The code is short, and easy to review.
Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode. This wallet was previously deprecated but has been brought back to life with modern standards.
Works via TOR or SOCKS5 proxy
Can use bootstrap.dat format as blockchain database
Import/Export blockchain to/from bootstrap.dat
Import wallet.dat from Groestlcoin-qt wallet
Export wallet to wallet.dat
Use both groestlcoin-wpf and groestlcoin-qt with the same addresses in parallel. When you send money from one program, the transaction will automatically be visible on the other wallet.
Rescan blockchain with a simple mouse click
Works as a full node and listens to port 1331 (listening port can be changed)
Fast Block verifying, parallel processing on multi-core CPUs
Mine Groestlcoins with your CPU by a simple mouse click
All private keys are kept encrypted on your local machine (or on a USB stick)
Lite - Has a lightweight "thin client" mode which does not require a new user to download the entire Groestlcoin chain and store it
Free and decentralised - Open Source under GNU license
Fixed Import/Export to wallet.dat
Rescan wallet option
Change wallet password option
Address type and Change type options through *.conf file
Import from bootstrap.dat - It is a flat, binary file containing Groestlcoin blockchain data, from the genesis block through a recent height. All versions automatically validate and import the file "grs.bootstrap.dat" in the GRS directory. Grs.bootstrap.dat is compatible with Qt wallet. GroestlCoin-Qt can load from it.
In Full mode file %APPDATA%\Groestlcoin-WPF\GRS\GRS.bootstrap.dat is full blockchain in standard bootstrap.dat format and can be used with other clients.
Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node. It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node. Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine. Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in. Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet. Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.
Use your own node
Uses less CPU and RAM than ElectrumX
Used intermittently rather than needing to be always-on
Doesn't require an index of every Groestlcoin address ever used like on ElectrumX
UPDATED – Android Wallet 7.38.1 - Main Net + Test Net
The app allows you to send and receive Groestlcoin on your device using QR codes and URI links. When using this app, please back up your wallet and email them to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.
Add confidence messages, helping users to understand the confidence state of their payments.
Handle edge case when restoring via an external app.
Count devices with a memory class of 128 MB as low ram.
Introduce dark mode on Android 10 devices.
Reduce memory usage of PIN-protected wallets.
Tapping on the app's version will reveal a checksum of the APK that was installed.
Fix issue with confirmation of transactions that empty your wallet.
Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets). Sentinel accepts XPUB's, YPUB'S, ZPUB's and individual Groestlcoin address. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet. Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.
PSA: If you have TeamViewer installed, your bitcoins may be at risk!
This user lost 40 BTC yesterday due to TeamViewer being exploited while he was sleeping. This is not the first occurrence. If I had TeamViewer installed on a machine used for bitcoin storage or transactions (or anything financially related), I would consider the private keys compromised and proceed to move them to cold storage immediately. If you have questions about cold storage, or need additional resources, just ask! There are many people willing to help.
Groestlcoin September 2019 Development Release/Update!
For a more interactive view of changes, click here In our current world; bordering on financial chaos, with tariff wars, Brexit and hyperinflation rife, you can count on Groestlcoin to consistently produce innovation that strikes to take the power away from the few and into the many, even after a full five and a half years of solid development. Here is what the team has already announced in the last 3 months since the last development update:
Groestl Nodes aims to map out and compare the status of the Groestlcoin mainnet and testnet networks. Even though these networks share the same protocol, there is currently no way to directly compare these coins in a single location. These statistics are essential to evaluate the relative health of both networks.
Shows Onion (Tor) nodes
Shows IPv6 nodes
Supports both main net and test net
Node Checker – Check the status of a remote node
Ability to download node data by CSV, JSON or TXT format
Ability to download unique address data by CSV, JSON or TXT format
This is a tool for creating unsigned raw Groestlcoin transactions and also to verify existing transactions by entering in the transaction hex and converting this to a human-readable format to verify that a transaction is correct before it is signed.
Create Raw Unsigned Groestlcoin transactions
Generates a QR code for the transaction
Compatible with most Groestlcoin wallets including but not restricted to Groestlcoin Core and Electrum-GRS
Estimates final signed transaction size
Taking a raw transaction format and shows its Transaction ID, Transaction Inputs and Outputs
AGCore is an Android app designed to make it easier to run a Groestlcoin Core node on always-on Android appliances such as set-top boxes, Android TVs and repurposed tablets/phones. If you are a non-technical user of Groestlcoin and want an Android app that makes it easy to run a Groestlcoin Core node by acting as a wrapper, then AG Core is the right choice for you.
Update to Groestlcoin Core 2.17.2
Switched to native builds via NDK for Groestlcoin Core resulting in a smaller footprint.
Added embedded tor
Added tor pairing support
TOR upgrade bug fixes
Improved blockchain Sync progress using getblockchaininfo verificationprogress
Improved package download progress bar
Added support for external storage access > Android M
Added support for Android Oreo, including new notification mechanism
Bump Fee (RBF) improvements – Implemented a new fee-bump strategy that can add new inputs, so now any transaction can be fee-bumped. The old strategy was to decrease the value of outputs (starting with change). We will now try the new strategy first, and only use the old as a fallback.
Coin Choser improvements
More likely to construct transactions without change (where possible)
Less likely to construct transactions with really small change
Only spend negative effective value coins when beneficial for privacy
Fix long-standing bug that broke wallets with >65k addresses
Windows binaries: Now build the PyInstaller bootloader ourselves, as this seems to reduce anti-virus false positives
Fix performance regression for large wallets
Fix high-DPI issues related to text fields
Trezor – Allow bypassing 'too old firmware' error
Trezor – Use only the Bridge to scan devices if it is available
Hardware wallets – On Win10-1903, some hardware devices with U2F functionality can only be detected with Administrator privileges. A workaround is to run as Admin, or for Trezor to install the Bridge.
The AppImage Linux x86_64 binary and the Windows setup.exe are now built reproducibly.
Fix watch-only wallets that could not bump fee in some scenarios
Faster transaction signing for segwit inputs or really large transactions.
Groestlwallet is designed to protect you from malware, browser security holes, even physical theft. With AES hardware encryption, app sandboxing, keychain and code signatures, groestlwallet represents a significant security advance over web and desktop wallets, and other mobile platforms. Simplicity is groestlwallet's core design principle. Because groestlwallet is "deterministic", your balance and entire transaction history can be restored from just your recovery phrase.
iOS 0.7.3 Changes
Fix BIP70 payments
Updated QR Scanner
Lowered spending limit
Updated DNS Seeds
Fixed URL Scheme
Fixed GRS Name in mailing
Fixed crash upon starting in some scenarios
Android v89 Changes
Use default fee
Republished on Google Play by removing send_sms permissions
If you don't own the keys, you don't own any Bitcoins
Honestly, how often does this need to be posted? All these people getting their coins stolen from blockchain.info, didn't you learn your lesson from Mt.Gox? I know, I know, blockchain.info is not an exchange. It doesn't matter, you need to own the private key and make sure no one else has access to it. That's the only way your coins are secure. Are you going to post your ATM PIN online? For long term savings, print a BIP38 paper wallet on an offline computer & printer. If you don't want to go thru the hassle, buy trezor or piper wallet. (I like piper because it let's me print wallets for friends) For spending, get yourself Breadwallet on iOS or mycelium on android. DO NOT LEAVE YOUR MONEY ONLINE, ANYWHERE. Not Coinbase, Not Circle, not BlockChain.info, not anywhere but your own wallet created by you. Otherwise, what's the point of owning bitcoin? You're giving the power away by handing your keys to someone else.
As per usual the 3 months has been all hand-on-deck, helping to bring further adoption utilities to Groestlcoin. The markets have been red but as always that doesn't stop the show from going on with regards to the development since the last release update on 24th September. Here's a recap of what has happened so far:
Groestlcoin was added to Changelly. One of the leading Crypto-to-Crypto exchanges that offer some of the best rates on the market – You can also buy with a debit/credit card too and you can buy/sell Groestlcoin directly from your Coinomi wallet, from the website https://groestlcoin.org#exchanges, and you can enable Changelly swaps on your GRSPay stores!
Groestlcoin was added to the JAXX Liberty wallet! One of the leading multi-crypto wallets in the stores. Safely store your GRS on Android, iOS, Mac OS X, Windows, Linux or Google Chrome. With Jaxx Liberty you are always in control of your private keys, and you can use your wallet on multiple devices. Note: This directly replaces the deprecated JS Wallet which was of a similar (but older) codebase.
Groestlcoin was integrated into AtomicPay – A decentralised cryptocurrency payment processor that eliminates the involvement of a third-party gateway, allowing merchants to accept payments directly from their customers, with over 2500 merchants already signed up, a public release is set for Mid-January 2019.
Huobi officially opened trading for Groestlcoin to Korean customers! And in addition, a giveaway of up to 10,000 GRS was held!
Unocoin ATMs started supporting Groestlcoin at their ATMs, granting the Indian community the ability to withdraw (For INR) and deposit Groestlcoin into their UnoDax account. Groestlcoin $GRS is available on #Unodax exchange with the following pairs: $INR, $TUSD, $BTC.
Groestlcoin was listed on SWFT BLOCKCHAIN, giving you more opportunities to swap your other altcoins with Groestlcoin or vice versa, quickly and securely.
Groestlcoin was added to One Page Exchange! Where you can buy and sell Groestlcoin quickly and easily without any form of registration!
CryptoWolf started accepting VISA, Mastercard and Maesto to buy cryptocurrencies from the CryptoWolf exchange in EUR or USD! Providing a new FIAT gateway to buy Groestlcoin.
Groestlcoin has been added to CoinZark (Formally VertPig) for fast and efficient Crypto-to-Crypto swaps at very competitive rates using exchange aggregates.
Groestlcoin was added to PungoWallet! Pungo wallet is built to showcase the features that anyone can achieve with blockchain technology. They have built a set of modular solutions that allow any company to build a blockchain layer to interact with traditional software.
Groestlcoin was added to StealthEX, offering anonymous cryptocurrency swaps with tens of other coins without disclosing any personal information. Just choose the pairs, enter your address, send your coins and receive your funds!
Groestlcoin joined InvestFeed, granting a company listing and blue verified badge.
Groestlcoin was officially added to Blockfolio Signals – For those of you that use Blockfolio, you can keep updated with all the latest news straight from the app, via the Signals icon.
Groestlcoin has been added to DeltaDirect – Those using Delta can now stay up-to-date with the latest Groestlcoin news, straight from your Delta portfolio tracker app.
Groestlcoin has been added to CoinGecko Beam – Where you can easily follow us and receive updates without searching through social media.
Groestlcoin is now live on BitUniverse Link! All of the latest Groestlcoin updates and news will be directly available on BItUniverse.
Groestlcoin was added to NovaExchange! Launched in 2016 and operating from Sweden, users can trade over 300 different digital assets.
As of the latest version of the Trezor Model T firmware, Groestlcoin is now officially supported! The Trezor Model T is the next-generation cryptocurrency hardware wallet, designed to be your universal vault for all of your digital assets. Store and encrypt your coins, passwords and other digital keys with confidence. The Trezor Model T now supports over 500 cryptocurrencies.
Blockbook MainNet & TestNet Block Explorer
Blockbook is an open-source Groestlcoin blockchain explorer with complete REST and websocket APIs that can be used for writing web wallets and other apps that need more advanced blockchain queries than provided by groestlcoind RPC. Blockbook REST API provides you with a convenient, powerful and simple way to read data from the groestlcoin network and with it, build your own services.
Support to broadcast transactions online. Broadcast a raw transaction in hex format over the Groestlcoin network.
Supports every web browser
API – Complete REST and Websocket API for querying blocks, transactions and addresses; and receiving live updates
Light – Thin data model using groestlcoind RPC interface to validate blockchain information. Fast groestlcoind blockchain synchronisation (~1hrs for the entire mainnet), using RocksDB for data storage and optionally raw groestlcoind data files processing.
Exhaustive – Reports on double spend attempts, outpoint confirmations, outputs spend status reports. Input and Output hyperlinks in transactions. Extended view in transactions to show advanced details.
Open Source, written in the Go programming language.
Groestlcoin has been added to the Edge wallet for Android and iOS. Edge wallet is secure, private and intuitive. By including support for ShapeShift, Simplex and Changelly, Edge allows you to seamlessly shift between digital currencies, anywhere with an internet connection.
Multi-Asset Support. Supporting Bitcoin, Ethereum, Groestlcoin and many others, you can safely hold your coins.
Exchange Support – Supporting Shapeshift, Simplex and Changelly enables the user to seamlessly shift between digital currencies as if you were storing your funds on an exchange.
In-app buying and selling, exchange your FIAT for cryptocurrency directly within the app.
Encrypted with a username and password. Seamless login into multiple devices.
Easy, secure access with PIN or fingerprint. Additionally, supporting 2FA authentication.
Client-side encryption – All of your data is encrypted on your device before any of your information touches the Edge servers. Being free from server-side hacks and malware means that your assets are as secure as they can be.
We are excited to announce that Groestlcoin has been added to CoinID! With integrated cold and hot wallet support, and a host of other unique wallet features, CoinID can easily become your go-to wallet for storing Groestlcoin. More details can be found here: https://coinid.org/s/groestlcoin-wallet-overview.pdf
Integrated Cold wallet. Store your funds offline and sleep tight at night. All you need is a separate Android or iOS device.
Transaction Batching – A feature normally reserved for exchanges, CoinID supports transaction batching, allowing the user to group transactions into one, saving space on the blockchain and lowering your transaction fees considerably as a result.
Complete control – Your private keys never leaves your device. "If you don’t control your private keys, you don’t own your coins".
SegWit support – Support for Segregated Witness, which means smaller transaction sizes, lower fees, and supporting all 3 address types (grs1, 3, F).
Hierarchical Deterministic – Use a single set of keys for multiple coins and addresses. When an address is used, a new one is generated.
Cross-Platform – Built with React Native for rapid development cycles and cross-platform support.
The Groestlcoin BIP39 tool is an open-source web tool for converting BIP39 mnemonic codes to addresses and private keys. This enables the greatest security against third-party wallets potentially disappearing – You’ll still have access to your funds thanks to this tool. What’s New
Added Coinomi, Ledger Client, Groestlcoinomi, Trezor, Safe T, Core, Groestlpay and Samourai to BIP32 Tab
Added BIP49 support
Add BIP38 support
Add CSV tab for derived addresses
BIP84 tab for derivation path
Display version number in top right corner
Groestlcoin ticker is now also displayed
Refactor method to clear old data from the display
BIP44 ‘purpose’ and ‘coin’ fields have been made read only
Tab Order is now alphabetical
Improve showing feedback for pending calculations
Show error when using XPUB with hardened addresses
Rename variables for clarity between BIP49 and P2WPKH Nested in P2SH
QR Codes use correctLevel 3 instead of 2
Update compile script to work across python 2 and 3
Add BIP49 to More Info section
Reword entropy text to indicate using a single source only
Detect and warn when entropy is filtered / discarded
Use new xpub/xprv prefixes for Segwit BIP49
Allow more rows to be generated starting from a custom index
BIP141 tab added for full Segwit compatibility
Show list of word indexes. Checksum shows in entropy details
Populate entropy field with hex value used from PRNG
QR codes with accents now work correctly by replacing jquery.qrcode with kjua
Allow initial number of rows to be set by the user
Raw entropy shows groupings with space every 11 bits for easier usage
Warn that entropy values should exclude checksum
Warn when generating low entropy mnemonics
Warn when overriding weak entropy with a strong mnemonic length
Allow XPUB to be used as root key for Segwit derivations
Add visual privacy safeguard. List alternative tools
Update bootstrap from 3.2.0 to 3.3.7 and jQuery from 2.1.1 to 3.2.1
GroestlcoinJS library upgraded to v3.3.2
General code refactoring, numerous performance improvements and bug fixes
Electrum-GRS is a lightweight "thin client" Groestlcoin wallet Windows, MacOS and Linux based on a client-server protocol. Its main advantages over the original Groestlcoin client include support for multi-signature wallets and not requiring the download of the entire block chain. What’s New
HARDWARE WALLET SUPPORT: Archos Safe-T Mini is now fully supported
Electrum + Android Version 3.2.3:
If a BIP39 seed extension/passphrase contained multiple consecutive whitespaces or leading/trailing whitespaces, then the derived addresses were not following spec. This has been fixed, and anyone affected should move their codes. The wizard will show a warning in this case.
The PRNG used has been changed
Fix Linux distributable, ‘typing’ was not bundled and was required for Python 3.4
Fix spending from Segwit multi-sig wallets involving a Trezor co-signer when using a custom derivation path.
Several other minor bugfixes and usability improvements.
ivendPay and Groestlcoin cryptocurrency have announced the start of integration. IT company ivendPay, the developer of a universal multicurrency payment module for automatic and retail trade, intends to integrate Groestlcoin cryptocurrency — one of the oldest and the most reputable Bitcoin forks into the payment system. Groestlcoin is characterized by instant transactions with almost zero commission and is optimal for mass retail trade where micropayments are mostly used. According to Sergey Danilov, founder and CEO of ivendPay, Groestlcoin will become the 11th cryptocurrency integrated into the payment module. The first working vending machines for the sale of coffee, snacks and souvenirs, equipped with ivendPay modules, served the visitors of the CryptoEvent RIW exhibition at VDNKh in Moscow and accepted Bitcoin, Go Byte, Dash, Bitcoin Cash, Ethereum, Ethereum Classic, Zcash, Bitcoin Gold, Dogecoin and Emercoin. ivendPay terminals are designed and patented to accept payments in electronic money, cryptocurrencies and cash when connecting the corresponding cash terminal. Payment for the purchase takes a few seconds, the choice of the payment currency occurs at the time of placing the order on the screen, the payment is made by QR-code through the cryptocurrency wallet on the smartphone. The interest in equipping vending machines with ivendPay terminals has already been shown by the companies of Malaysia and Israel, where first test networks would be installed. ivendPay compiles a waiting list for vending networks interested in buying terminals and searches for an investor to launch industrial production. According to Sergey Danilov, the universal payment terminal ivendPay for the vending machine will cost about $500. The founder of ivendPay has welcomed the appearance of Groestlcoin among integrated cryptocurrencies, as it is another step towards the realization of the basic idea of digital money - free and cross-border access to goods and services for everybody.
PRACTICE! Go through all the steps, then make sure you can load up the private key with a wallet software. Then once you know that you are doing it right, destroy the address and make a new one for real.
Question about BIP38. Noob trying to figure it out.
Alright, so forgive me if this is a dumb question, but I have not been able to find any info that answered my question so I though I'd ask here. I'm trying to figure out BIP38. I was using offline bit2factor to encrypt a private ID. Now that it is passphrased, I dont really understand how to use it. To use the private ID, do I now have to decrypt my passphrased ID using bit2factor again, OR do I use my passphrase ID like I would my private ID, and I should be prompted for a password? My biggest problem so far has been with QR codes...so I passphrased my ID, then used qrcode.littleidiot.be to generate a QR code, but when I scan it with Baseline (iOS app), the text that appears is not the passphrased ID I had pasted, and Im not prompted for any sort of password. explain it to me like I'm 5?
This is my handout for paranoid people who want a way to store bitcoin safely. It requires a little work, but this is the method I use because it should be resistant to risks associated with:
Bad random number generators
Malicious or flawed software
If you want a method that is less secure but easier, skip to the bottom of this post. The Secure Method
Download bitaddress.org. (Try going to the website and pressing "ctrl+s")
Put the bitaddress.org file on a computer with an operating system that has not interacted with the internet much or at all. The computer should not be hooked up to the internet when you do this. You could put the bitaddress file on a USB stick, and then turn off your computer, unplug the internet, and boot it up using a boot-from-CD copy of linux (Ubuntu or Mint for example). This prevents any mal-ware you may have accumulated from running and capturing your keystrokes. I use an old android smart phone that I have done a factory reset on. It has no sim-card and does not have the password to my home wifi. Also the phone wifi is turned off. If you are using a fresh operating system, and do not have a connection to the internet, then your private key will probably not escape the computer.
Roll a die 62 times and write down the sequence of numbers. This gives you 2160 possible outcomes, which is the maximum that Bitcoin supports.
Run bitaddress.org from your offline computer. Input the sequence of numbers from the die rolls into the "Brain Wallet" tab. By providing your own source of randomness, you do not have to worry that the random number generator used by your computer is too weak. I'm looking at you, NSA ಠ_ಠ
Brain Wallet tab creates a private key and address.
Write down the address and private key by hand or print them on a dumb printer. (Dumb printer means not the one at your office with the hard drive. Maybe not the 4 in 1 printer that scans and faxes and makes waffles.) If you hand copy them you may want to hand copy more than one format. (WIF and HEX). If you are crazy and are storing your life savings in Bitcoin, and you hand copy the private key, do a double-check by typing the private key back into the tool on the "Wallet Details" tab and confirm that it recreates the same public address.
Load your paper wallet by sending your bitcoin to the public address. You can do this as many times as you like.
You can view the current balance of your paper wallet by typing the public address into the search box at blockchain.info
If you are using an old cell phone or tablet do a factory reset when you are finished so that the memory of the private keys is destroyed. If you are using a computer with a boot-from-CD copy of linux, I think you can just power down the computer and the private keys will be gone. (Maybe someone can confirm for me that the private keys would not be able to be cached by bitaddress?)
To spend your paper wallet, you will need to either create an offline transaction, or import the private key into a hot wallet. Creating an offline transaction is dangerous if you don't know what you are doing. Importing to a client side wallet like Bitcoin-Qt, Electrum, MultiBit or Armory is a good idea. You can also import to an online wallet such as Blockchain.info or Coinbase.
Trusting bitaddress.org The only thing you need bitaddress.org to do is to honestly convert the brainwallet passphrase into the corresponding private key and address. You can verify that it is doing this honestly by running several test passphrases through the copy of bitaddress that you plan on using, and several other brainwallet generators. For example, you could use the online version of bitaddress, and brainwallet and safepaperwallet and bitcoinpaperwallet. If you are fancy with the linux command line, you can also try "echo -n my_die_rolls | sha256sum". The linux operating system should reply with the same private key that bitaddress makes. This protects you from a malicious paper wallet generator. Trusting your copy of bitaddress.org Bitaddress publishes the sha1 hash of the bitaddress.org website at this location: https://www.bitaddress.org/pgpsignedmsg.txt The message is signed by the creator, pointbiz. I found his PGP fingerprint here: https://github.com/pointbiz/bitaddress.org/issues/18 "527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A" With this fingerprint, you can authenticate the signed message, which gives you the hash of the current bitaddress.org file. Then you can hash your copy of the file and authenticate the file. I do not have a way to authenticate the fingerprint itself, sorry. According to the website I linked to, git has cryptographic traceability that would enable a person to do some research and authenticate the fingerprint. If you want to go that far, knock yourself out. I think that the techniques described in this document do not really rely on bitaddress being un-corrupt. Anyway, how do we know pointbiz is a good guy? ;-) There are a lot of skilled eyes watching bitaddress.org and the signed sha1 hash. To gain the most benefit from all of those eyes, it's probably worthwhile to check your copy by hashing it and comparing to the published hash. "But we aren't supposed to use brainwallets" You are not supposed to use brainwallets that have predictable passphrases. People think they are pretty clever about how they pick their passphrases, but a lot of bitcoins have been stolen because people tend to come up with similar ideas. If you let dice generate the passphrase, then it is totally random, and you just need to make sure to roll enough times. How to avoid spending your life rolling dice When I first started doing this, I rolled a die 62 times for each private key. This is not necessary. You can simply roll the die 62 times and keep the sequence of 62 numbers as a "seed". The first paper address you create would use "my die rolls-1" as the passphrase, the second would be "my die rolls-2" and so on. This is safe because SHA256 prevents any computable relationship between the resulting private key family. Of course this has a certain bad security scenario -- if anyone obtains the seed they can reconstruct all of your paper wallets. So this is not for everyone! On the other hand, it also means that if you happen to lose one of your paper wallets, you could reconstruct it so long as you still had the seed. One way to reduce this risk is to add an easy to remember password like this: "my die rolls-password-1". If you prefer, you can use a technique called diceware to convert your die rolls to words that still contain the same quantity of entropy, but which could be easier to work with. I don't use diceware because it's another piece of software that I have to trust, and I'm just copy/pasting my high entropy seed, so I don't care about how ugly it is. Why not input the dice as a Base 6 private key on the Wallet Details tab? Two reasons. First of all, this option requires that you roll the die 99 times, but you do not get meaningful additional protection by rolling more than 62 times. Why roll more times if you don't have to? Second, I use the "high entropy seed" method to generate multiple private keys from the same die rolls. Using the Base 6 option would require rolling 99 times for every private key. I'm a big nerd with exotic dice. How many times to roll? Put this formula in Excel to get the number of times to roll: "=160*LOG(2,f)" where f = number of faces on the die. For example, you would roll a d16 40 times. By the way, somewhat unbelievably casino dice are more fair than ordinary dice The "Change address" problem: You should understand change addresses because some people have accidentally lost money by not understanding it. Imagine your paper wallet is a 10 dollar bill. You use it to buy a candy bar. To do this you give the cashier the entire 10 dollar bill. They keep 1 dollar and give you 9 dollars back as change. With Bitcoin, you have to explicitly say that you want 9 dollars back, and you have to provide an address where it should go to. If you just hand over the 10 dollar bill, and don't say you want 9 dollars back, then the miner who processes the transaction gives 1 dollar to the store and keeps the remainder themselves. Wallet software like Bitcoin-Qt handles this automatically for you. They automatically make "change addresses" and they automatically construct transactions that make the change go to the change address. There are three ways I know of that the change problem can bite you:
You generate a raw transaction by hand, and screw up. If you are generating a transaction "by hand" with a raw transaction editor, you need to be extra careful that your outputs add up to the same number as your inputs. Otherwise, the very lucky miner who puts your transaction in a block will keep the difference.
You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the paper wallet. The change is not in the paper wallet. It is in a change address that the wallet software generated. That means that if you lose your wallet.dat file you will lose all the change. The paper wallet is empty.
You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the change address that the wallet software generated. If the transaction did not need to consume all of the "outputs" used to fund the paper wallet, then there could be some unspent outputs still located at the address of the paper wallet. If you destroyed the paper wallet, and destroyed the copy of the private key imported to the wallet software, then you could not access this money. (E.g. if you restored the software wallet from its seed, thinking all of the money was moved to the wallet-generated change addresses.)
For more on this, see here The hot paper wallet problem Your bitcoin in your paper wallet are secure, so long as the piece of paper is secure, until you go to spend it. When you spend it, you put the private key onto a computer that is connected to the internet. At this point you must regard your paper wallet address as hot because the computer you used may have been compromised. It now provides much less protection against theft of your coins. If you need the level of protection that a cold paper wallet provides, you need to create a new one and send your coins to it. Destroying your paper wallet address Do not destroy the only copy of a private key without verifying that there is no money at that address. Your client may have sent change to your paper wallet address without you realizing it. Your client may have not consumed all of the unspent outputs available at the paper wallet address. You can go to blockchain.info and type the public address into the search window to see the current balance. I don't bother destroying my used/empty paper wallet addresses. I just file them away. Encrypting your private key BIP 0038 describes a standardized way to encrypt your paper wallet private key. A normal paper wallet is vulnerable because if anyone sees the private key they can take the coins. The BIP38 protocol is even resistant to brute force attacks because it uses a memory intensive encryption algorithm called scrypt. If you want to encrypt your wallets using BIP38, I recommend that you use bitcoinpaperwallet because they will let you type in your own private key and will encrypt it for you. As with bitaddress, for high security you should only use a local copy of this website on a computer that will never get connected to the internet. Splitting your private key Another option for protecting the private key is to convert it into multiple fragments that must be brought together. This method allows you to store pieces of your key with separate people in separate locations. It can be set up so that you can reconstitute the private key when you have any 2 out of the 3 fragments. This technique is called Shamir's Secret Sharing. I have not tried this technique, but you may find it valuable. You could try using this website http://passguardian.com/ which will help you split up a key. As before, you should do this on an offline computer. Keep in mind if you use this service that you are trusting it to work properly. It would be good to find other independently created tools that could be used to validate the operation of passguardian. Personally, I would be nervous destroying the only copy of a private key and relying entirely on the fragments generated by the website. Looks like Bitaddress has an implementation of Shamir's Secret Sharing now under the "Split Wallet" tab. However it would appear that you cannot provide your own key for this, so you would have to trust bitaddress. Durable Media Pay attention to the media you use to record your paper wallet. Some kinds of ink fade, some kinds of paper disintegrate. Moisture and heat are your enemies. In addition to keeping copies of my paper wallet addresses I did the following:
Order a set of numeric metal stamps. ($10)
Buy a square galvanized steel outlet cover from the hardware store ($1)
Buy a sledgehammer from the hardware store
Write the die rolls on the steel plate using a sharpie
Use the hammer to stamp the metal. Do all the 1's, then all the 2's etc. Please use eye protection, as metal stamp may emit sparks or fly unexpectedly across the garage. :-)
Use nail polish remover to erase the sharpie
Electrum If you trust electrum you might try running it on an offline computer, and having it generate a series of private keys from a seed. I don't have experience with this software, but it sounds like there are some slick possibilities there that could save you time if you are working with a lot of addresses. Message to the downvoters I would appreciate it if you would comment, so that I can learn from your opinion. Thanks! The Easy Method This method is probably suitable for small quantities of bitcoin. I would not trust it for life-altering sums of money.
Download the bitaddress.org website to your hard drive.
Close your browser
Disconnect from the internet
Open the bitaddress.org website from your hard drive.
QR Codes are a 90's thing, deprecated beyond belief, and are already being outdone by 1000x by Smart Posters, which use NFC technology. Now let's apply that to bitcoin. Sure, there are credit cards out there that link to a CoinBase account, etc etc. But those are stored on your hard drive, and are therefore not mobile, and can be hacked by people hacking directly into your computer, and same with phones. By using an ePaper wallet app (that's what I'm calling it), it allows you to store all of your bitcoin in a smarter paper wallet. Here's how the tech works. In NFC, there can be multiple "records", which are different partitions of data. They can store text, a www link, etc. On the NFC Card, every Record will be a text record, and the data inside of them will reference a Private/Public paper wallet key.
Records on the Card:
"Public": Public Key on the Front of the Card, not Technically in the Records on the Chip "PVT": The Private Key for "Public", encrypted in BIP38. Where money is transferred, but should NOT be used to store coins or used in transactions. Don't even give this to wallets. "0": The Main Private Wallet, used for transactions. Usually Nothing in it, and is in Read/Write mode in case of security breaches. If you wanna use this to transfer money from an ePaper wallet to another wallet, this is the key you would enter. The Public Key doesn't matter for this one, as it is calculated when needed. "DEEP1": Private "Deep Storage" Wallet #1. The Public Key doesn't matter for this one, as it is calculated when needed. "DEEP2": Private "Deep Storage" Wallet #2. The Public Key doesn't matter for this one, as it is calculated when needed. "DEEP3": Private "Deep Storage" Wallet #3. The Public Key doesn't matter for this one, as it is calculated when needed. "DEEP4": Private "Deep Storage" Wallet #4. The Public Key doesn't matter for this one, as it is calculated when needed. "DEEP5": Private "Deep Storage" Wallet #5. The Public Key doesn't matter for this one, as it is calculated when needed.
ETC, ETC, as many Private Deep Storage Wallets as Your NFC Card Can Hold. Whenever an incoming payment happens, it goes from the public address to the "pvt" key. From there, you can use the app to take the money in your "pvt" wallet and transfer it evenly across the 5+ "Deep Storage Wallets", so all of your money isn't in the same place. If you wanna take money out and spend it, click a button and specify the amount you need, then it'll be evenly split from throughout your wallet and into Wallet "0", which you can spend. The entire wallet takes place on your NFC Plastic "ePaper Wallet" card, with help from the app. This will allow us to securely store all of the money on the blockchain, and to access that money, simply transfer the money elsewhere. No data is actually stored on the app, it is simply an intermediary, acting apart from your card. Simple, secure, painless, and easy for new-comers to the Bitcoin Community. TL;DR - Awesomeness
Hello Reddit, Tried making a paper wallet for the first time. Did all the requirements, offline creation, BIP38 etc. I sent a 1$ worth of bitcoin just to try it out then and when I tried to import it to a mobile wallet through the private key, it won't import. I decrypted the private key through bitaddress.org and when I tried to sweep it, it says that there are no funds on the private key. I checked the balance on the blockchain through my public key and the 1$ is still there. Pretty weird predicament. Any suggestions on taking it out?
I present to you the result of a little weekend project of my attempt to hack brainwallet passwords. Please note that I didn't steal anybodies money. I've done this just because I was curious. My program works like this:
Calculate the RIPEMD160 for large password lists and stores them as key-value pairs in a database (RIPEMD160 -> password). I've used leveldb for this.
With a blockchain parser I parse the blockchain and extract all the RIPEMD160 hashes of each bitcoin address.
Then I just make a lookup of each hash in the database, and if I find an entry, I've cracked a brainwallet.
As an additional step, it would be easy to just monitor the blockchain and each time a new transaction arrives, lookup the addresses in the database and extract the money if there is a match (I'm not doing this...)
Here are some things I've learned that I'd like to share:
I have now a database of about 70 Gigabytes of RIPEMD160 + Password entries. Each entry is duplicated for the compressed and uncompressed version of point conversion. There are 901.317.735 passwords in it.
The current blockchain has 29.961.328 addresses in it.
Of these addresses, I could find the passwords for 17.956 of the addresses.
Only 2 addresses of the hacked brainwallets are currently not empty, and the total money that I could actually steal is 0.00115215 BTC.
So I've got this BIP38 encrypted paper wallet that I created offline. I've been sending bitcoins to it for a while now and have never withdrawn any from it. I would like to withdraw some from it soon though. Once I withdraw (using blockchain.info) is my wallet from then on potentially compromised because my BIP38 password/private key have been used in an online transaction? Should I then clear out the wallet and send the rest of my coins to a different offline/encrypted one? Maybe I'm unnecessarily paranoid, I just want to make sure I do this right.
Everyone is buying trezors now. And I want to too but I don't see a point. I mean BIP38 is just as safe and I use blockchain.info for everyday spending. Also if I buy can I trust it with ALL of my bitcoins in one place?
Testing the password of a paper wallet without compromising security
I posted a question earlier about paper wallet creation (here). I've gone through all of the steps (in addition to doing the process via a Linux usb boot per the comments). Wallet has since been printed and I sent a small test amount that was verified via blockchain. So I've got that going for me. But now I'm sitting here worrying about the password. I want to test it out before transferring the rest of my coins, but wouldn't that defeat the purpose (since I would need to be online and therefore vulnerable)? Just nervous to pull the trigger and become one of the many sob stories that I've read here of folks losing everything. Thanks in advance for any assistance that you can offer. EDIT: Many thanks for the responses, they were extremely helpful. I suppose I never really understood exactly what BIP38 did, as far as encryption and why it doesn't matter if you're online or not (since all it's doing is decrypting your password, which was initially created online when the address was created). Rebooting into Ubuntu and opening the saved version of bitadress.org I entered the private key and then an incorrect password which was rejected. I then tried the correct password and it worked. Success! So that's that, swept all of my coins into there and will sleep well tonight - thank you /bitcoin!
Are bitcoin-qt encrypted wallet private keys BIP38 enabled?
Does an encrypted bitcoin-qt wallet generates BIP38 private keys? I saw that bitcoin private keys starting with 5, i.e. unencrypted / no-BIP38 PKs, can be imported on several bitcoin wallets, e.g. blockchain.info, electrum, etc., and everyone with access to these unencrypted PKs can spent the bitcoins associated to them without entering a password to validate the transaction. While BIP38's private keys, i.e. those starting with 6, can be imported on several bitcoin wallets, but they ask the associated password in order to move the coins associated with them. So let's say that someone guess my bitcoin-qt's encrypted private key, and he import it on blockchain.info or electrum. Does he will need to enter my password to spent the coins associated to my PK? in other others, does my encrypted bitcoin-qt private keys works like any BIP38 PK? Thanks
Sweeping from paper wallet - Invalid private key (code -5)
SOLVED So a while ago I created a few paper wallets with BIP38 passphrases. Everything seemed to go according to plan, their balances transferred in and I can check them on the blockchain. But now, I'm trying to get some of the coins out... I followed the various guides (this Litecoin one proving most helpful), but am still getting the "code -5" error. I open my Vertcoin-qt wallet and enter walletpassphrase 'myqtpassphrase' '60' and that works (I think), but then I enter importprivkey 6PvTSw...keystuff and I get the error. Am I supposed to enter the QT passphrase, or the BIP38 passphrase from the paper wallet? I've tried the Android app, but when that scans the QR, it says "Cannot classify input." L'il help, please? Edit to add: Reading here, it sounds like I need to decrypt the BIP38 wallet before trying to import it?
Easy cold storage for all who keep money on exchanges
There is no reason to trust a third party such as an exchange with your money. Here is how anyone can make their own secure cold storage. All you need is a computer, a blank 1 GB or larger USB drive or a disc burner and either a printer or two or three USB drives of any size. This is not perfect security but it's a lot better than Gox. Download http://www.linuxliveusb.com and make a bootable USB drive, I suggest Ubuntu and use 64 bit if your motherboard has uEFI. Alternatively, you can download an ISO of the distribution and burn it to a disc. Save a copy of https://www.bitaddress.org/bitaddress.org-v2.8.1-SHA1-a6e63f2712851710255a27fa0f22ef7833c2cd07.html to a USB drive by going to the website and doing File > Save As (HTML only) from your browser. Shutdown and disconnect from the Internet by unplugging any network cables, if applicable, from your computer. Boot the Linux drive and choose to try Linux in live mode. Insert the other drive and copy bitaddress.org.html from your other USB drive to your Home folder and verify the checksum of bitaddress.org.html by opening Terminal and typing shasum bitaddress.org.html, which should give you a result of a6e63f2712851710255a27fa0f22ef7833c2cd07. Double-click the HTML file to open and click on Paper Wallet. Click BIP38 Encrypt, enter a passphrase (do not forget your password!) and click Generate. Either click Print and make two or more copies or select Print to File, format PDF and save this PDF on the other two or three USB drives. Write down your Bitcoin addresses so you can send money to them and check the balance on https://blockchain.info. Shutdown your computer and remove any USB drives before plugging in the network cable. Keep one or two of the USB drives or paper wallets at home and at least one offsite such as at work or in a safety deposit box.
I have a BIP38 encrypted paper wallet. Whats the safest way to move those bitcoins to a new wallet?
I am very comfortable using BTC, but I have always dreaded the risk of importing a paper wallet. I don't want to mess up the change address problem and have my bitcoins sent into oblivion. Say I want to import them into electrum, or blockchain.info, how would I go about doing that? Do they decrypt the BIP38 password? Thanks
How it is to use Bitcoin Core for cold storage, and how it should be
We all have our fetishes, and one of mine is creating the ultimate cold storage technique. I hope you will agree that although very cumbersome, it is highly ultimate. Any feedback for improvements is welcome.
Here is the current process I have:
Prepare your cold storage computer. Start with a copy of linux. Encrypt the home folder during setup. Use a strong log in password.
Roll dice to get entropy (d6 needs 62 rolls. d10 needs 48 rolls. d16 needs 40 rolls.)
Stamp entropy into metal plate for durability. I use a d10 so I only need numeric stamps. Metal plate could be a blank square galvanized steel outlet cover.
Decide on a format for converting entropy into a brainwallet phrase. E.g. ENTROPY+PASSWORD+### where ### is a serial number. PASSWORD is a short, easy to remember word to protect you in case someone gets a copy of your entropy.
Open bitaddress.org and input your passphrase into the brainwallet tab.
Copy the private key and import it to Bitcoin Core with importprivkey.
Copy the address and dump it from Bitcoin Core with dumpprivkey.
Dumped private key should match the one created from bitaddress.
Copy the private key and paste it to the "wallet details" tab of bitaddress.
Select the "BIP38 Encrypt" button. Supply a passphrase.
Print out the encrypted private key on paper. Write down the ### index used to produce this address. You can reproduce this address from the entropy on the metal plate if you have to.
When you want to spend the bitcoins, you need a different computer, with tor, Bitcoin Core and enough of the blockchain so that it has the block that funded your cold address.
Disconnect your spending computer from the network.
Importprivkey for the address you wish to spend from. Create your transaction, which should spend always spend the entire wallet balance. Use coin control if this computer has other bitcoins on it.
Connect your spending computer to the network via tor to broadcast. Alternatively you can set walletbroadcast=0 and use the gettransaction RPC call to obtain the signed transaction. Then you can broadcast your transaction using a different computer that has never touched the private key.
Yes, I understand it would be far more convenient to use a hardware wallet. One of my goals here though is to only trust Bitcoin Core. In fact, you may have noticed that I do not even fully trust Bitcoin Core, since bitaddress.org is independently deriving addresses from the entropy.
Here is the process I want:
I would challenge Bitcoin Core to add features to achieve a similar level of security with a much less awkward process. Here's what I have in mind:
Roll dice to create Entropy. Stamp on metal for durability.
On your cold computer, convert entropy into xprivkey.
Import xprivkey to Core.
Export xpubkey from Core.
On your spending computer, import xpubkey.
Make transactions from spending computer. Export unsigned transactions.
Move unsigned transactions to cold computer for signing.
Sign transactions on cold computer.
Move signed transactions to spending computer for broadcast.
Default for Core is to broadcast transactions over tor if tor is installed, even if ordinary node activity is over normal internet.
So, I've created a whole bunch of BIP38 paper wallets a few weeks ago but have been too afraid to send my bitcoin to them. For starters, I created my paper wallets on a laptop that connects to the internet. I do not have a special laptop that never touches the net and so had to make do. I simply downloaded bitaddress.com, turned off my wifi, and generated me some encrypted private keys. I printed a few copies and stuck one copy in a safe. Is this enough? Am I at risk? Could a keylogger or something still somehow be able to rob me? This stuff is keeping me up at night. I worry that maybe blockchain.info is safer with 2FA and I should just stick with that...
If you have been into Bitcoin space for some time, then I guess you must have heard about BIP 38 (Bitcoin Improvement Protocol 38).. But just in case, if you haven’t heard about it, I urge you to educate yourself on this topic by reading this blog post.. Of course, it is none of my business to urge anyone, but it is my responsibility to tell you guys about Bitcoin concepts that will help you ... Bitcoin mining is the act of using computing power to process blockchain transactions. it is 100% real, but not any way to generate huge amounts of funds. I mine on my graphics card, and the cpu of my computer, and make about $1.80USD a day, before the cost of electricity. BIP steht für Bitcoin Improvment Protocol - was bedeutet, wenn du eine Idee hast, Bitcoin besser zu machen, kannst du es ausarbeiten und wenn es von der Community akzeptiert wird, werden sie es benutzen. So ist BIP38 nur der 38. Vorschlag, der dem Bitcoin Improvement Protocol vorgelegt wird, das derzeit von Bitcoin-Nutzern zum Schutz ihrer privaten Schlüssel angenommen wird. BIP stands for Bitcoin Improvment Protocol – meaning if you have an idea to make Bitcoin better you can draft it up and if it’s accepted by the community they will start using it. So BIP38 is just the 38th proposal submitted to the Bitcoin Improvement Protocol which is currently adopted by Bitcoin users for protecting their private keys. This document proposes a convenient human useable format, "TxRef", as a standard way to refer to a transaction position within the Bitcoin Blockchain, and optionally a particular outpoint index within the referred transaction. The primary purpose of this format is to allow users to refer to a confirmed transaction (and optionally an outpoint index within) in a standard, reliable, and concise way.
Download BtcBot 2020 v.1.0 https://bit.ly/2EQKuVB This is a how to video on creating bitcoin paper wallets. While there are other more secure ways of creating paper wallets for bitcoin, the method that I sho... This is a challenge to promote the use of Bip38 encrypted paper wallets. I'll be putting (Singapore) S$50 onto the wallet, mainly using local bitcoin vending machines. If you think you can crack ... BIP38 is a way to encrypt your Bitcoin private key with a password. For the complete tutorial visit http://99bitcoins.com. Download BtcBot 2020 v.1.9 https://bit.ly/3dF7hAT Download BtcBot 2020 v.2.0 https://bit.ly/3jmRacx